# Base config file for Pandora FMS Windows Agent
|
|
|
|
# (c) 2006-2008 Artica Soluciones Tecnologicas
|
2009-05-25 Ramon Novoa <rnovoa@artica.es>
* windows/pandora_wmi.cc, windows/pandora_wmi.h: Added functions for the
new modules. Removed old logevent functions.
* pandora_windows_service.h, pandora_windows_service.cc: Added support
for data file buffering and startup delay.
* modules/pandora_module_logevent.cc, modules/pandora_module_logevent.h:
Rewritten to retrieve event log data using the PDH interface instead
of WMI (was too slow).
* modules/pandora_module_tcpcheck.cc, modules/pandora_module_tcpcheck.h,
modules/pandora_module_regexp.cc, modules/pandora_module_regexp.h,
modules/pandora_module_perfcounter.cc,
modules/pandora_module_perfcounter.h,
modules/pandora_module_freedisk_percent.cc,
modules/pandora_module_freedisk_percent.h,
modules/pandora_module_freememory_percent.cc,
modules/pandora_module_freememory_percent.h: Added to repository.
New modules, see http://openideas.info/wiki/.
* modules/pandora_module.h, modules/pandora_module.cc,
modules/pandora_module_factory.cc, modules/pandora_module_list.cc:
Added support for the new modules.
* bin/pandora_agent.conf: Included configuration examples for the new
modules.
* PandoraAgent.dev: Updated to compile the new modules.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1707 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-05-25 19:50:27 +02:00
|
|
|
# Version 3.0
|
2008-07-30 20:13:00 +02:00
|
|
|
|
2007-08-23 19:24:56 +02:00
|
|
|
# This program is Free Software, you can redistribute it and/or modify it
|
|
|
|
# under the terms of the GNU General Public Licence as published by the Free Software
|
|
|
|
# Foundation; either version 2 of the Licence or any later version.
|
|
|
|
# This program is distributed in the hope that it will be useful, but
|
|
|
|
# WITHOUT ANY WARRANTY, without even the implied warranty of MERCHANTABILITY or FITNESS
|
|
|
|
# FOR A PARTICULAR PURPOSE.
|
|
|
|
|
2007-08-29 18:20:54 +02:00
|
|
|
# Edit this file to change your parameters and/or add your own modules
|
2007-09-14 15:58:12 +02:00
|
|
|
# Any line with a # character at the first column will be ignored (comment)
|
2007-08-23 19:24:56 +02:00
|
|
|
# General Parameters
|
|
|
|
# ==================
|
|
|
|
|
2008-09-05 09:52:38 +02:00
|
|
|
# The variables $*$ will be substituted during installation
|
2007-09-14 15:58:12 +02:00
|
|
|
|
2009-09-02 13:39:53 +02:00
|
|
|
server_ip 192.168.50.72
|
|
|
|
server_path /var/spool/pandora/data_in
|
|
|
|
temporal "c:\tmp\"
|
|
|
|
#temporal_min_size 1024
|
|
|
|
#startup_delay 5
|
2007-09-14 15:58:12 +02:00
|
|
|
|
|
|
|
# Agent uses your hostname automatically, if you need to change agent name
|
|
|
|
# use directive agent_name
|
2009-09-02 13:39:53 +02:00
|
|
|
agent_name test_guindous
|
2008-09-05 09:52:38 +02:00
|
|
|
|
|
|
|
# Interval is defined in seconds
|
|
|
|
|
2009-09-02 13:39:53 +02:00
|
|
|
interval 5
|
2007-09-14 15:58:12 +02:00
|
|
|
|
2008-12-24 14:57:45 +01:00
|
|
|
# transfer_mode: Possible values are local, tentacle (default), ftp and ssh.
|
2008-08-28 16:59:09 +02:00
|
|
|
transfer_mode tentacle
|
2008-04-02 15:31:21 +02:00
|
|
|
server_port 41121
|
2007-09-14 15:58:12 +02:00
|
|
|
|
2008-04-29 13:27:25 +02:00
|
|
|
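# If you use FTP or tentacle with a password, uncomment server_pwd and change it from the example value (user is always pandora).
# The password is kept in this file in clear text, so restrict read access to the file.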
|
|
|
|
# server_pwd pandora
|
|
|
|
|
2007-09-14 15:58:12 +02:00
|
|
|
# Debug mode: XML data files are not copied to the server, and the agent stops executing after the first one
|
2009-09-02 13:39:53 +02:00
|
|
|
#debug 1
|
2007-08-23 19:24:56 +02:00
|
|
|
|
2008-04-02 18:01:35 +02:00
|
|
|
# ODBC connections
|
|
|
|
# Configuring "ExampleDSN" DSN. Notice that this DSN connection must be configured
|
|
|
|
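# under Control panel -> Administrative tools -> ODBC -> DSN
# The odbc_*_password value is stored in this file in clear text: use a dedicated low-privilege database account and restrict who can read this file.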
|
2008-07-30 20:13:00 +02:00
|
|
|
# odbc_ExampleDSN_username UserNameForDsn
|
|
|
|
# odbc_ExampleDSN_password Password1234
|
2008-04-02 18:01:35 +02:00
|
|
|
|
2008-06-11 10:27:12 +02:00
|
|
|
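# If set to 1, allows the agent to be configured via the web console.
# The console can then rewrite this file, including module_exec commands, so enable it only when the server and console are trusted and access-controlled.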
|
|
|
|
# remote_config 0
|
|
|
|
|
2008-06-13 12:32:47 +02:00
|
|
|
# Set XML encoding (ISO-8859-1 by default).
|
|
|
|
# encoding ISO-8859-1
|
|
|
|
|
2007-08-23 19:24:56 +02:00
|
|
|
# Module Definition
|
|
|
|
# =================
|
|
|
|
|
|
|
|
|
2009-04-29 09:57:36 +02:00
|
|
|
# Is Eventlog service running?
|
2009-09-02 13:39:53 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name ServicioReg
|
|
|
|
#module_type generic_proc
|
|
|
|
#module_service Eventlog
|
|
|
|
#module_description Eventlog Service
|
|
|
|
#module_end
|
2007-08-23 19:24:56 +02:00
|
|
|
|
2009-04-29 09:57:36 +02:00
|
|
|
# Is Microsoft Messenger running?
|
2009-09-02 13:39:53 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name MSN_Messenger
|
|
|
|
#module_type generic_proc
|
|
|
|
#module_proc msmsgs.exe
|
|
|
|
#module_description Microsoft Messenger (MSN)
|
|
|
|
#module_end
|
2007-08-23 19:24:56 +02:00
|
|
|
|
2007-09-14 15:58:12 +02:00
|
|
|
# Received packets using external program exec
|
2009-09-02 13:39:53 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name ReceivedPackets
|
|
|
|
#module_type generic_data
|
|
|
|
#module_exec netstat -s | grep "Packets Received" | tr -d " " | cut -f 2 -d "=" | tr -d "\n"
|
|
|
|
#module_description Received packets
|
|
|
|
#module_end
|
2007-09-14 15:58:12 +02:00
|
|
|
|
|
|
|
|
|
|
|
# Listening connections using external program exec
|
2009-09-02 13:39:53 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name Listen_Conn
|
|
|
|
#module_type generic_data
|
|
|
|
#module_exec netstat -an | grep LISTEN | wc -l | tr -d " "
|
|
|
|
#module_description Listening connections
|
|
|
|
#module_end
|
2007-08-23 19:24:56 +02:00
|
|
|
|
|
|
|
# Free space on disk C:
|
2009-09-02 13:39:53 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name FreeDiskC
|
|
|
|
#module_type generic_data
|
|
|
|
#module_freedisk C:
|
|
|
|
#module_description Free space on drive C:
|
|
|
|
#module_end
|
2007-08-29 18:20:54 +02:00
|
|
|
|
2007-08-23 19:24:56 +02:00
|
|
|
# CPU usage percentage
|
2009-09-02 13:39:53 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name CPUUse0
|
|
|
|
#module_type generic_data
|
|
|
|
#module_cpuusage 0
|
|
|
|
#module_description CPU#0 usage
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Inventory
|
|
|
|
#module_begin
|
|
|
|
#module_name Inventory
|
|
|
|
# Establish the module interval to run every 3 days (8640 x the agent interval; with a 30-second interval that is 3 days, so adjust it to the interval set above)
|
|
|
|
#module_interval 8640
|
|
|
|
#module_type generic_data_string
|
|
|
|
#Parameters available:
|
|
|
|
# * CPU -> Gets information about the CPUs
|
|
|
|
# * CDROM -> Gets information about the CDROMs
|
|
|
|
# * Video -> Gets information about the video cards
|
|
|
|
# * HD -> Gets information about the Hard Drives
|
|
|
|
# * NIC -> Gets information about the Network Interface Controllers
|
|
|
|
# * Patches -> Gets information about the patches installed
|
|
|
|
# * Software -> Gets information about the MSI packages installed
|
|
|
|
# * RAM -> Gets information about the RAM modules
|
|
|
|
#module_inventory CPU Video HDs NICs CDROM Patches Software RAM
|
|
|
|
#module_description Inventory
|
|
|
|
#module_end
|
2007-08-23 19:24:56 +02:00
|
|
|
|
2007-08-29 18:20:54 +02:00
|
|
|
# Free Memory
|
2009-09-02 13:39:53 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name FreeMemory
|
|
|
|
#module_type generic_data_string
|
|
|
|
#module_freememory
|
|
|
|
#module_description Amount of free memory.
|
|
|
|
#module_end
|
2007-08-29 18:20:54 +02:00
|
|
|
|
2008-07-30 20:13:00 +02:00
|
|
|
# Log events
|
2009-09-02 13:39:53 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name Logevents
|
|
|
|
#module_type generic_data_string
|
|
|
|
#module_logevent
|
|
|
|
#module_description Log Events
|
|
|
|
#module_end
|
2008-08-28 16:59:09 +02:00
|
|
|
|
2007-09-17 17:52:03 +02:00
|
|
|
# More examples, uncomment (removing #) to use them
|
|
|
|
# =================================================
|
2008-08-28 16:59:09 +02:00
|
|
|
|
|
|
|
#module_begin
|
|
|
|
#module_name Fprot_AV
|
|
|
|
#module_type generic_proc
|
|
|
|
#module_proc FPAVServer.exe
|
|
|
|
#module_description FProt Antivirus running
|
|
|
|
#module_end
|
|
|
|
|
2009-04-29 09:57:36 +02:00
|
|
|
# Is Checkpoint SecureClient Service alive?
|
2008-07-30 20:13:00 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name Checkpoint_SecureClient
|
|
|
|
#module_type generic_proc
|
|
|
|
#module_proc SR_Service.exe
|
|
|
|
#module_description Checkpoint Secure Client VPN client
|
|
|
|
#module_end
|
|
|
|
|
2009-04-29 09:57:36 +02:00
|
|
|
# Is Network Connect Service VPN Client from Juniper alive?
|
2008-07-30 20:13:00 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name Juniper_VPN
|
|
|
|
#module_type generic_proc
|
|
|
|
#module_proc dsNcService.exe
|
|
|
|
#module_description Network Connect Service VPN Client from Juniper
|
2008-08-28 16:59:09 +02:00
|
|
|
#module_end
|
2007-08-29 18:20:54 +02:00
|
|
|
|
2008-04-02 18:01:35 +02:00
|
|
|
# ODBC query example using ExampleDSN connection defined above.
|
|
|
|
# This module gets the first row in example_table.
|
|
|
|
#module_begin
|
|
|
|
#module_name SQL query example
|
|
|
|
#module_type generic_string
|
|
|
|
#module_odbc ExampleDSN
|
|
|
|
#module_odbc_query SELECT * FROM example_table
|
|
|
|
#module_description The first row of example_table
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# ODBC query example using ExampleDSN connection defined above.
|
|
|
|
# This module gets the punctuation column of the row with id 3 in example_table
|
|
|
|
#module_begin
|
|
|
|
#module_name SecondSQL query example
|
|
|
|
#module_type generic_data
|
|
|
|
#module_odbc ExampleDSN
|
|
|
|
#module_odbc_query SELECT punctuation FROM example_table WHERE id = 3
|
|
|
|
#module_description The punctuation row of example_tab where id is 3
|
|
|
|
#module_end
|
|
|
|
|
2007-09-17 17:52:03 +02:00
|
|
|
#Free space on disk D:
|
|
|
|
#module_begin
|
|
|
|
#module_name FreeDiskD
|
|
|
|
#module_type generic_data
|
|
|
|
#module_freedisk D:
|
|
|
|
#module_description Free space on drive D:
|
|
|
|
#module_end
|
2007-08-29 18:20:54 +02:00
|
|
|
|
2007-09-17 17:52:03 +02:00
|
|
|
#CPU usage percentage for second CPU
|
2007-09-14 15:58:12 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name CPUUse1
|
|
|
|
#module_type generic_data
|
|
|
|
#module_cpuusage 1
|
|
|
|
#module_description CPU#1 usage
|
|
|
|
#module_end
|
2008-08-28 16:59:09 +02:00
|
|
|
|
|
|
|
#module_begin
|
|
|
|
#module_name log_events_system
|
|
|
|
#module_type generic_data_string
|
|
|
|
#module_description System log events
|
|
|
|
#module_logevent
|
|
|
|
#module_source System
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
#module_begin
|
|
|
|
#module_name log_events_security
|
|
|
|
#module_type generic_data_string
|
|
|
|
#module_description Security log events
|
|
|
|
#module_logevent
|
|
|
|
#module_source Security
|
|
|
|
#module_end
|
|
|
|
|
2008-07-30 20:13:00 +02:00
|
|
|
# Counting OpenedConnections (check the language string)
|
|
|
|
#module_begin
|
|
|
|
#module_name OpenNetConnections
|
|
|
|
#module_type generic_data
|
|
|
|
#module_exec netstat -na | grep ESTAB | wc -l | tr -d " "
|
|
|
|
#module_description Open Connections (interval 2)
|
|
|
|
#module_end
|
2008-08-28 16:59:09 +02:00
|
|
|
|
2008-07-30 20:13:00 +02:00
|
|
|
# Accepted server sessions (Server in Spanish)
|
|
|
|
#module_begin
|
|
|
|
#module_name ServerSessions
|
|
|
|
#module_type generic_data
|
|
|
|
#module_exec net statistics server | grep "Sesiones aceptadas" | gawk "{ print $3 }"
|
|
|
|
#module_description Accepted server sessions
|
|
|
|
#module_end
|
2008-06-13 12:32:47 +02:00
|
|
|
|
2008-08-28 16:59:09 +02:00
|
|
|
# Server sessions errors (Server in Spanish)
|
2008-07-30 20:13:00 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name ServerErrors
|
|
|
|
#module_type generic_data
|
|
|
|
#module_exec net statistics server | grep "Error" | gawk "{ print $4 }"
|
|
|
|
#module_description Server errors
|
|
|
|
#module_end
|
2008-09-05 09:52:38 +02:00
|
|
|
|
2009-03-13 10:23:41 +01:00
|
|
|
# Example of asynchronous process checking
|
|
|
|
#module_begin
|
|
|
|
#module_name Notepad
|
|
|
|
#module_type generic_data
|
|
|
|
#module_proc notepad.exe
|
|
|
|
#module_description Notepad
|
|
|
|
#module_async yes
|
|
|
|
#module_end
|
|
|
|
|
2009-04-29 09:57:36 +02:00
|
|
|
# Example of a process watchdog: the process is started again if it gets closed
|
2009-03-13 10:23:41 +01:00
|
|
|
#module_begin
|
|
|
|
#module_name Notepad
|
|
|
|
#module_type generic_data
|
|
|
|
#module_proc notepad.exe
|
|
|
|
#module_description Notepad
|
|
|
|
#module_async yes
|
|
|
|
#module_watchdog yes
|
|
|
|
#module_start_command c:\windows\notepad.exe
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Example of asynchronous service checking
|
|
|
|
# module_begin
|
|
|
|
# module_name ServiceSched
|
|
|
|
# module_type generic_proc
|
|
|
|
# module_service Schedule
|
|
|
|
# module_description Service Task scheduler
|
|
|
|
# module_async yes
|
|
|
|
# module_end
|
|
|
|
|
2009-04-29 09:57:36 +02:00
|
|
|
# Example of a service watchdog: the service is started again if it gets stopped
|
2009-09-02 13:39:53 +02:00
|
|
|
module_begin
|
|
|
|
module_name ServiceSched
|
|
|
|
module_type generic_proc
|
|
|
|
module_service Schedule
|
|
|
|
module_description Service Task scheduler
|
|
|
|
module_async yes
|
|
|
|
module_watchdog yes
|
|
|
|
module_end
|
2008-09-05 09:52:38 +02:00
|
|
|
|
2009-03-16 09:03:49 +01:00
|
|
|
# Example UDP server to be able to execute remote actions such
|
|
|
|
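# as starting or stopping processes.
# Commands are accepted from udp_server_auth_address only; UDP source addresses can be forged, so also limit udp_server_port with a host firewall.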
|
|
|
|
#udp_server 1
|
|
|
|
#udp_server_port 4321
|
|
|
|
#udp_server_auth_address 192.168.1.23
|
|
|
|
#process_firefox_start firefox
|
|
|
|
#process_firefox_stop killall firefox
|
|
|
|
#service_messenger 1
|
|
|
|
|
|
|
|
# Example of a remote TCP check
|
|
|
|
#module_begin
|
|
|
|
#module_name tcpcheck
|
|
|
|
#module_type generic_data
|
|
|
|
#module_tcpcheck www.artica.es
|
|
|
|
#module_port 80
|
|
|
|
#module_timeout 5
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Example of regexp matching
|
|
|
|
#module_begin
|
|
|
|
#module_name regexp
|
|
|
|
#module_type generic_data_string
|
|
|
|
#module_regexp C:\WINDOWS\my.log
|
|
|
|
#module_pattern ^(a*).*\1$
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Example of performance counter data retrieval
|
|
|
|
#module_begin
|
|
|
|
#module_name perfcounter
|
|
|
|
#module_type generic_data_string
|
|
|
|
#module_perfcounter \Memory\Pages/sec
|
|
|
|
#module_end
|